Penetration Test Practice 3rd Edition (Red Team Edition)

This is The third edition of The Hacker Playbook, which is also known as The Red Team edition. Because the book is written from the perspective of red and blue against red team in China.

First of all, I’m sorry, because my translation may not be particularly good. First of all, THE whole book was translated by me alone in three weeks, because I am about to graduate from master’s degree, so IT is impossible for me to spend too much time on it. Moreover, this book is highly professional and is not a popular science reading. And the translator’s professional level is limited, so maybe the understanding of this book is also limited by my professional level. However, the translator has done his best to translate this book with the utmost sincerity. The effect I seek is to complete the connection between the author of this book and the Chinese reader. Based on this goal, my translation principles are as follows:

1. For each sentence, I did not simply translate it into Chinese on the level of meaning, but translated it according to my own understanding. I have a point: in that case, what’s the difference from Google Translate? Therefore, I will understand each sentence of the author on the basis of the meaning of the word, refer to relevant materials, and combine the meaning of the word, sentence and professional knowledge background to translate. So you can see that I’ve posted some supplementary material here and there. I hope my translation will keep the author’s original intention and be more in line with the Chinese. If there was any confusion, I discussed it with a few friends in the security industry who were more experienced than I was. After all, I was so young that it would be my fault if MY superficial understanding misled readers. For each sentence, I will only post it if I make myself readable.
2. Because Chinese and English are indeed different, not every English sentence can be expressed in the same way in Chinese, and inevitably there are some strange translations. In this case, I would search the Internet based on keywords and refer to translations such as Microsoft’s Chinese documents, preferably following their translation conventions. Because there is no doubt that professional Microsoft documentation engineers are better than I am.
3. I clicked all the links in the translation by myself. Although I couldn’t access some of the English PDF links I got, I tried my best to restore the author’s original intention and found the correct links through Internet search. I will also add a note for other outdated links. It must be noted here that, in fact, some links have been broken constantly, and many of them have been broken in the last three weeks of my translation until I have finalized it today. I can only post the most recent links.
4. Some technical terms are reserved for English usage, because this book is not a popular science book after all. A lot of security professionals around me, they don’t refer to payload as an attack payload. So in this book, the payload is used except for the first time you encounter the attack payload. Similar terms include Beacon, POC, AD, etc.
5. Some tools keep their options in English. If translated into Chinese, the option may not be available to readers, making it inconvenient and self-defeating.
6. I think, therefore I am confused. There are also many blind spots in the book that I can’t read and don’t quite understand. I looked it up as I read it, but THEN I thought, why not share what I found that I thought was good? That’s where those [translator’s notes] in my translation come from. Since I use this translation as a book + notebook, there are many links because I have to read it myself. If you don’t watch it, ignore it. And, since this is a Chinese translation, the reference materials I share are mainly Chinese materials. English link is I think especially good articles will be attached.
7. I got the English PDF version, there are some problems in the code. Take this line from the original code in the bookPython SharpShooter. Py - interactive. but-It should be--. There are many such errors in this book. Therefore, according to the translator’s experience:-If you can’t get away, the reader can substitute for- 或 --Let’s try it. Maybe we can get it through. If you can’t run again, you can search on the Internet.
8. PDF version, if used[]Bracketed links are not accessible, please observe the URL and delete as appropriate], generally can access.

Technology moves so fast that some of the tools in this book may be outdated. We don’t have to follow the book blindly, we can combine some of our own thinking.

Chapter 7, for example, might be a little out of date. But the recompilation of MSF in Chapter 7 is all about:

1. Eliminate MSF traffic fingerprint as much as possible;
2. [Improved] Enhanced static immunity of MSF payload
3. Add custom functionality (interaction with C2, dynamic execution, traffic optimization).

If you think about this, it’s a lot easier to see and understand how it works. At present, the secondary development of attack framework is basically doing so, the idea is the same, but the way of implementation is different, but all changes are the same, we can still get some enlightenment from the secondary development ideas in the book.

And the author of this book makes a point that I think is very interesting. The Red team’s technology, he says, is based on the repeated cycles of the OSI seven layers. The authors even add an eighth layer of social engineering attacks. If you finish reading this book, you’ll see that, yes, there are physical-layer, transport-layer tools available at…… All the way to social engineering attacks. The authors argue that when all defenses are close to perfect, we can still use an eighth level, social engineering attack to infiltrate. And as new technologies grow larger and more complex, some of the old vulnerabilities emerge. Traditional methods of attack will find new life.

That’s probably why we read books like this. It is better to teach people to fish than to give them fish. Some tool viruses will be reversed and signed by security vendors soon after they come out. But if we learn how to slay the dragon, then we can cope with all change without changing. I learned a lot from the author’s guidance in this book. The author not only goes further, but also tells us why programming ability is important for security personnel and why we need to understand the underlying…… I’m sure if you read carefully, you’ll get as much out of it as I did.

In the process of translating this book, I also gained friendship. For a word we can discuss for a long time, such peers, let me deeply feel that I did not choose the wrong direction. Thanks to the following friends for proofreading support:

• Mr. Aso
• Anonymous jack
• Victor Zhu
• thrush
• leitbogioro

Thanks also to the following friends who are willing to discuss the book with me:

• thrush
• Mr. Aso
• Anonymous jack
• googu0

We would like to express our sincere thanks for your help.